I have two password column one is password and other in temp_password, user can login with either password or temp_password for that i'm using following code:
if(Auth::attempt(['email' => request('email'), 'password' => request('password')])){
echo "User Logged In";
} else if(Auth::attempt(['email' => request('email'), 'temp_password' => \Crypt::encrypt(request('password'))])) {
echo "User Logged in";
} else {
echo "Incorrect Credentials";
}
i'm getting this error :
Undefined index: password", exception: "ErrorException"
if i remove else if part it is working properly.
Any help is highly appreciated.
Auth::Attempt() method expects an array with email and password indexes.
#Documentation
If you dont provide them, it will fail. 'password' is not a dynamic field to it, it must be password. You need to do it manually for the temp_password field
if (Auth::attempt(['email' => request('email'), 'password' => request('password')])) {
echo "User Logged In";
} else {
$user = User::where('email', '=', request('email'))->first();
if (!$user || !Hash::check(request('password'), $user->temp_password);) {
echo "Incorrect Credentials";
return;
}
Auth::guard()->login($user);
echo "User Logged In";
}
Related
I'm using Auth::attempt($credentials) to authenticate login data from users.
$credentials = [
'user_name' => $request->user_name,
'password' => $request->password,
];
if (Auth::attempt($credentials)) {
return redirect()->route('admin.dashboard');
} else {
return redirect()->back()->with('status', 'Invalid credentials!');
}
If a user types the wrong password or wrong username, I throw an invalid credentials error. But I want if a user does not exist in the database, I can throw an error that the user does not exist.
My Auth::attempt($credentials) returns true or false, so I don't know how to do this. Can you help?
$user = User::where('user_name',$request->user_name)->first();
if($user) {
$credentials = [
'user_name' => $request->user_name,
'password' => $request->password,
];
if (Auth::attempt($credentials)) {
return redirect()->route('admin.dashboard');
} else {
return redirect()->back()->with('status', 'Invalid credentials!');
}
} else {
return redirect()->back()->with('status', 'Not found!');
}
It would be an security issue sir as #fubar said, but the simple logic is
Find at users table if email is exists.
if exists then go to auth attempt like the way you implement already.
if not exists throw 404.
I'm practicing manual authentication in Laravel for learning purposes, following along laracasts.com and reading the manual user authentication related documentation here - https://laravel.com/docs/5.4/authentication#authenticating-users
My login controller code is as follows:
public function loginSubmit() {
$email = request('email');
$password = request('password');
if (Auth::attempt(['email' => $email, 'password' => $password])) {
return 'logged in';
} else {
return 'not logged in';
}
Albeit the password not being hashed, I am using the Auth::attempt with the correct email and password information but am not able to return 'logged in'. How can I get the login to work with Auth::attempt ?
You need to hash the password
use Illuminate\Support\Facades\Hash;
$password = Hash::make($request->password);
I am using laravel 5.2.45 following is my code for user authentication but unable to authenticate. i.e failed to create session after redirect to home lose the session.
My Controller:
$login = array(
'username' => $input['username'],
'password' => $input['password']
);
if (Auth::attempt($login)) {
return Redirect::route('home')->with('flash_notice', 'You are Successfully logged in.');
}
in home:
if(Auth::check()) {
echo "Logged in";
} else {
echo "Not logged in";
}
can't manage to login anybody an idea? i still get redirected back to the login page
Route::post('login', function() {
// get POST data
$email = Input::get('username');
$password = Input::get('password');
if ( Auth::attempt(array('email' => $email,'password' => $password) ))
{
return Redirect::to('home');
}
else
{
// auth failure! lets go back to the login
return Redirect::to('login')
->with('login_errors', true);
}
});
change
if ( Auth::attempt(array('email' => $email,'password' => $password) ))
to
if ( Auth::attempt(array('username' => $email,'password' => $password) ))
Laravel has a setting that lets you specify the username as either 'username' or 'email' (or whatever else you may choose), check config. Like above indicated...
if ( Auth::attempt(array('username' => $email,'password' => $password) ))
Also, Laravel expects a hashed password by default.
To use email as username, try adding this to User model:
protected $primaryKey = 'email';
Also make sure email is the primary key on your 'user' table.
I'm running a update_user form through
$user = ORM::factory('user', $id)->update_user($this->request->post(), array(
'username',
'password',
'email'
));
And pre-populating the form fields username and email with the current user, and leaving the password blank in-order to be 'unchanged'
But on submission its picking up all the validation messages from create_user from the 'user' model
So i'm getting:
"username already taken"
"email address already taken"
"password can't be blank"
Does anyone know how your suppose to get round this?
$user = $this->get_user();
if ( ! $user->loaded())
{
throw new Exception_Deny;
}
if ($_POST)
{
try
{
$user->update_user($_POST, array(
'username',
'email',
'password',
));
}
catch (ORM_Validation_Exception $e)
{
$this->add_errors($e);
}
}
$this->content = View::factory('user/update');
works absolutely properly - gives an error only when Im trying to assign existent another user's username or password... Check anything you've overrided in ORM or Model_User classes.